Latest Advisories
Live Virus Advisory Feeds
2003-12-22
*Live Feeds are from Panda, Trend Micro, and Symantec
Secunia
Secunia Highlights:
Internet Explorer URL Spoofing Vulnerability
A vulnerability has been identified in Internet Explorer, which can be exploited by malicious people to display a fake URL in the address and status bars.
rsync File Handling Integer Overflow Vulnerability
A vulnerability has been identified in rsync, which can be exploited by malicious people to compromise a vulnerable system.
Latest 15 Secunia Security Advisories:
2003-12-22
- mvdsv Download Function Buffer Overflow Vulnerability
- Dada Mail Non-Random Verification PIN
- Xoops URL Parameter Cross Site Scripting Vulnerability
- Subscribe Me Pro Installation Invocation
- Active WebCam Directory Traversal and Cross-Site Scripting
- BoastMachine (bMachine) Comment Cross-Site Scripting Vulnerability
- BES-CMS Arbitrary File Inclusion Vulnerabilities
- Double Choco Latte Arbitrary File Inclusion Vulnerabilities
- Red Hat update for kernel
- Xerox Document Centre Directory Traversal Vulnerability
- CyberGuard Proxy Error Page Cross-Site Scripting Vulnerability
2003-12-19
- AIX diag Unspecified Privilege Escalation Vulnerability
- AIX enq Privilege Escalation Vulnerability
- Mandrake update for XFree86
- Kerio Personal Firewall TCP Stealth Scan Detection Vulnerability
Top 5 Most Read Secunia Security Advisories (Last 24 hours):
- Internet Explorer URL Spoofing Vulnerability
- XBlockOut -display Privilege Escalation Vulnerability
- Microsoft Internet Explorer Multiple Vulnerabilities
- Cisco Catalyst Switch Non-Standard TCP Flag Combination DoS Vulnerability
- Internet Explorer System Compromise Vulnerabilities
Security Tracker
bes-cms Include File Flaws Let Remote Users Execute Arbitrary Commands
Security Corporation reported an include file vulnerability in 'bes-cms'. A remote user can execute arbitrary commands on the target server.
Impact: Execution of arbitrary code via network, User access via network
AppleFileServer Does Not Properly Handle Malformed Requests
An unspecified vulnerability was reported in the AppleFileServer on Mac OS X. The impact was not specified.
Impact: Denial of service via network
unix2tcp Command Line Buffer Overflow May Let Local Users Gain Elevated Privileges
A buffer overflow vulnerability was reported in unix2tcp. A local user may be able to obtain elevated privileges in certain configurations.
Impact: Execution of arbitrary code via local system, Root access via local system
Mac OS X USB keyboard 'init' Flaw Yields Root Access to Physically Local Users
A vulnerability was reported in Apple's Mac OS X when using a USB keyboard. A physically local user can gain root access on the system.
Impact: Root access via local system
CyberGuard Firewall Proxy Error Page Input Validation Flaw May Permit Cross-Site Scripting Attacks
An input validation vulnerability was reported in the CyberGuard firewall in the HTTP proxy. A remote user can conduct cross-site scripting attacks.
Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information
SecurityFocus BugTraq
12/20/2003 phpBB v2.06 search_id sql injection exploit f3sy1 f3sy1
12/20/2003 PHP-NUKE version 6.9 'cid' sql injection exploit r00t rsteam ru
12/20/2003 Re: Remote crash in tcpdump from OpenBSD Przemyslaw Frasunek
12/20/2003 [SCSA-024] BES-CMS including file vulnerability Security Corporation Security Advisory
12/20/2003 Re: Remote crash in tcpdump from OpenBSD Henning Brauer
12/20/2003 Multicast from Orinoco wireless stations Andrew Daviel
12/20/2003 Remote crash in tcpdump from OpenBSD Przemyslaw Frasunek
12/20/2003 Re: Security bug in Xerox Document Centre brandon pierce
12/19/2003 Directory traversal and XSS in Active Webcam 4.3 Luigi Auriemma
12/19/2003 Re: Edonkey/Overnet Plugins capable of Virus/Worm behavior Eric MightyE Stevens
12/19/2003 RE: Edonkey/Overnet Plugins capable of Virus/Worm behavior Andre Lorbach
12/19/2003 [Exploit]: DameWare Mini Remote Control Server Overflow Exploit Adik
12/19/2003 AOL Instant Messenger - Buddy Icon Warn Exploit Josh Camacho
12/19/2003 Security bug in Xerox Document Centre J.A. Gutierrez
12/19/2003 MDKSA-2003:118 - Updated XFree86 packages fix xdm vulnerability Mandrake Linux Security Team
12/19/2003 Re: Edonkey/Overnet Plugins capable of Virus/Worm behavior nagual bluemail ch
12/19/2003 Re: Buffer overflow/privilege escalation in MacOS X - hfs.util also KF
12/19/2003 RE: Edonkey/Overnet Plugins capable of Virus/Worm behavior ashton
12/19/2003 Re: Multiple vulnerabilities in vendor IKE implementations, including Cisco, Sharad Ahlawat
SecurityFocus Vulnerabilities
2003-12-19: IBM AIX diag Unspecified Privilege Escalation Vulnerability
2003-12-19: IBM AIX enq Local Format String Vulnerability
2003-12-19: SiteInteractive Subscribe Me Setup.PL Arbitrary Command Execution Vulnerability
2003-12-18: lftp Try_Squid_Eplf Buffer Overflow Vulnerability
2003-12-18: lftp Try_Netscape_Proxy Buffer Overflow Vulnerability
2003-12-18: Multiple ASPapp Portal Vulnerabilities
2003-12-18: Autorank PHP Multiple SQL Injection Vulnerabilities
2003-12-18: laitcg Pop 3 Scan Renattach Malicious Attachment Scanning Bypass Vulnerability
2003-12-18: Multiple Browser URI Display Obfuscation Weakness
2003-12-18: Ethereal Q.931 Protocol Dissector Denial of Service Vulnerability
2003-12-18: Ethereal SMB Protocol Dissector Denial of Service Vulnerability
2003-12-18: Advanced Research Security Auditor Research Assistant Service Banner HTML Injection Vulnerability
2003-12-18: SOLMETRA SPAW Editor spaw_control.class.PHP Remote PHP File Include Vulnerability
2003-12-18: IRSSI Remote Denial of Service Vulnerability
2003-12-18: HP OpenView Network Node Manager Denial Of Service Vulnerabilities
2003-12-18: CVS Malformed Request System Root File Creation Vulnerability
2003-12-18: DUware DUportal Multiple Vulnerabilities
2003-12-18: Botan Es_Unix Privilege Escalation Vulnerability
2003-12-18: CyberGuard Firewall/VPN 5.1 Cross-Site Scripting Vulnerability
2003-12-18: IBM DB2 Insecure DMS Directory Permissions Vulnerability
2003-12-18: ECW-Shop Cat Parameter Cross-Site Scripting Vulnerability
2003-12-18: Apache Web Server Multiple Module Local Buffer Overflow Vulnerability
2003-12-18: Pan Long Author Address Denial Of Service Vulnerability
2003-12-17: Dizzy unix2tcp Unspecified Buffer Overflow Vulnerability
2003-12-17: osCommerce osCsid Parameter Cross-Site Scripting Vulnerability
2003-12-17: GoAhead Webserver ASP Script File Source Code Disclosure Vulnerability
2003-12-17: Ipswitch WS_FTP Server Resource Consumption Remote Denial Of Service Vulnerability
2003-12-17: osCommerce SQL Injection Vulnerability
2003-12-17: OpenSSL ASN.1 Parsing Vulnerabilities
2003-12-17: Sendmail Ruleset Parsing Buffer Overflow Vulnerability
2003-12-17: Sun XDR Library xdrmem_getbytes() Integer Overflow Vulnerability
2003-12-17: Sendmail Prescan() Variant Remote Buffer Overrun Vulnerability
2003-12-17: GnuPG ElGamal Signing Key Private Key Compromise Vulnerability
2003-12-17: ISC BIND Negative Cache Poison Denial Of Service Vulnerability
2003-12-16: Macromedia Flash Player Flash Cookie Predictable File Location Weakness
2003-12-16: Apache Web Server mod_cgid Module CGI Data Redirection Vulnerability
2003-12-16: Microsoft Windows Messenger Service Buffer Overrun Vulnerability
2003-12-16: X Design sipd Remote Format String Vulnerability
2003-12-16: Michael Dean Double Choco Latte Multiple Module Remote File Include Vulnerability
2003-12-16: Dada Mail Unauthorized Mailing List Subscription Vulnerability
2003-12-16: Dada Mail Blank List Password Authentication Bypass Weakness
2003-12-16: MVDSV Quake Server Download Buffer Overrun Vulnerability
2003-12-16: OpenSSH Buffer Mismanagement Vulnerabilities
2003-12-16: e-Zone FuseTalk Search Results Cross Site Scripting Vulnerability
2003-12-16: Microsoft Outlook Web Access HTML Attachment Script Execution Vulnerability
2003-12-16: Multiple Ethereal Protocol Dissector Vulnerabilities
2003-12-16: GNU Zebra / Quagga Remote Denial of Service Vulnerability
2003-12-16: Spoofed Kernel Netlink Interface Message Denial of Service Vulnerability
2003-12-16: mIRC DCC SEND Variant Buffer Overflow Vulnerability
2003-12-16: mIRC DCC SEND Buffer Overflow Vulnerability
2003-12-16: Invision Power Board Index.PHP SQL Injection Vulnerability
2003-12-16: Aardvark Topsites PHP Multiple Vulnerabilities
2003-12-16: J2EE/RI Pointbase Database Remote Command Execution Vulnerability
2003-12-15: Invision Power Top Site List Offset SQL Injection Vulnerability
2003-12-15: Cyrus IMSP Daemon Remote Buffer Overflow Vulnerability
2003-12-15: W-Agora Multiple Remote Vulnerabilities
2003-12-15: Sun SUNWlldap Library Hostname Buffer Overflow Vulnerability
2003-12-15: Sun Solaris LPStat Unspecified Local Privilege Escalation Vulnerability
2003-12-15: Elektropost EPIServer Multiple Vulnerabilities
2003-12-15: Roger Wilco Remote Server Side Buffer Overrun Vulnerability
2003-12-15: Roger Wilco Remote Username Denial of Service Vulnerability
2003-12-15: Roger Wilco Remote Nickname Buffer Overrun Vulnerability
2003-12-15: Roger Wilco Base Station Denial of Service Vulnerability
2003-12-15: HP-UX NLSPATH Environment Variable Format String Vulnerability
2003-12-15: SEH InterCon Smart PrintServer Access Validation Vulnerability
2003-12-15: X-Chat Remote Denial of Service Vulnerability
2003-12-15: Multiple Cisco PIX Remote Denial Of Service Vulnerabilities
2003-12-15: Multiple Cisco FWSM Vulnerabilities
2003-12-15: XLight FTP Server Unspecified Remote Directory Traversal Vulnerability
2003-12-15: Doro PDF Writer Local Privilege Escalation Vulnerability
2003-12-15: XLight FTP Server Tilde Remote Denial Of Service Vulnerability
2003-12-15: Microsoft Internet Explorer Unspecified Remote Compromise Vulnerability
2003-12-15: Markus Triska CGINews and CGIForum Information Disclosure Vulnerability
2003-12-15: thttpd defang Remote Buffer Overflow Vulnerability
Symantec SSR
Trojan.Bookmarker December 20, 2003 December 22, 2003
VBS.Sling December 20, 2003 December 20, 2003
W32.Sober.C@mm December 20, 2003 December 20, 2003
W32.Sober.gen December 20, 2003 December 20, 2003
W32.HLLW.Warpigs.C
Backdoor.Spyboter.gen [KAV] December 19, 2003 December 20, 2003
Trojan.Anymail December 18, 2003 December 19, 2003
W32.Sober.B@mm December 18, 2003 December 18, 2003
W32.Wilsef December 17, 2003 December 18, 2003
W32.HLLW.Cayam@mm December 16, 2003 December 17, 2003
W32.Randex.BE
W32/Sdbot.worm.gen.b [McAfee], Backdoor.SdBot.gen [Kaspersky] December 15, 2003 December 16, 2003
PWSteal.Sagic December 15, 2003 December 15, 2003
Hacktool.Sagic December 15, 2003 December 15, 2003
Trojan.PWS.Qphook December 14, 2003 December 15, 2003
Backdoor.Uprootkit
Backdoor.UpRootKit [Kaspersky] December 13, 2003 December 15, 2003
Backdoor.Uprootkit.cli
Backdoor.UpRootKit [Kaspersky] December 13, 2003 December 15, 2003
Trojan.Sysbin December 11, 2003 December 12, 2003
MHTMLRedir.Exploit December 11, 2003 December 12, 2003
W32.HLLW.Gaobot.EE December 11, 2003 December 11, 2003
W32.Mertian.Worm
W32.Mertian@mm December 11, 2003 December 11, 2003
Backdoor.Volac.dr December 10, 2003 December 11, 2003
Backdoor.Volac December 10, 2003 December 11, 2003
Backdoor.Roxy.C December 10, 2003 December 11, 2003
W32.Scold@mm
W32/Scold@MM [McAfee], Win32.Scold.A [Computer Associates], WORM_SCOLD.A [Trend], W32/Scold-A [Sophos], I-Worm.Scold [Kaspersky] December 10, 2003 December 11, 2003
Trojan.Slog December 10, 2003 December 11, 2003
Backdoor.Formador
Backdoor.Trojan.Client, Backdoor.Formador.c [AVP], Downloader-DP [Mcafee] December 10, 2003 December 10, 2003
Trojan.Benuti December 9, 2003 December 10, 2003
W32.Randex.BD
Backdoor.IRCBot.gen [Kaspersky] December 9, 2003 December 9, 2003
W32.HLLW.Bodiru December 8, 2003 December 8, 2003
PHP.Feast December 8, 2003 December 8, 2003
Backdoor.Xibo
Backdoor.XLBH.b [Kaspersky] December 8, 2003 December 8, 2003
Backdoor.Ketch December 5, 2003 December 8, 2003
W32.HLLW.Gaobot.DK
W32.HLLW.Gaobot.gen, W32/Gaobot.worm.gen [McAfee], Backdoor.Agobot.3.gen [Kaspersky] December 5, 2003 December 8, 2003
Trojan.Digits
Download.Trojan December 5, 2003 December 5, 2003
W32.Memas@mm
W32/Memas@mm[McAfee] December 4, 2003 December 5, 2003
W32.HLLW.Slideshow December 4, 2003 December 5, 2003
W32.Randex.AZ
W32.Randex.AX December 4, 2003 December 4, 2003
Trojan.Framar December 3, 2003 December 3, 2003
W32.Mimail.M@mm
W32.Mimail.Gen, W32/Mimail.gen@MM [McAfee] December 3, 2003 December 3, 2003
W32.HLLW.Epon@mm
I-Worm.Epon [Kaspersky] December 2, 2003 December 3, 2003
Backdoor.Freefors December 2, 2003 December 2, 2003
W32.Kwbot.S.Worm@mm
Backdoor.IRCBot.gen [KAV] December 2, 2003 December 2, 2003
JS.Pun.Trojan December 1, 2003 December 2, 2003
W32.Mimail.L@mm
W32.Mimail.Gen, W32/Mimail.l@MM [McAfee] December 1, 2003 December 2, 2003
Backdoor.Dragonqq
PWS-QQDrag [McAfee] December 1, 2003 December 1, 2003
Backdoor.Haxdoor
Backdoor.Haxdoor.i [Kaspersky] November 30, 2003 December 1, 2003
W32.HLLW.Studd
W32/Duster [McAfee] November 28, 2003 December 1, 2003
W32.HLLW.Southghost November 28, 2003 December 1, 2003
W32.Midlak@mm November 27, 2003 December 1, 2003
Backdoor.IRC.Whisper November 26, 2003 November 26, 2003
W32.Spex.B.Worm
Worm.P2P.Specx [Kaspersky] November 26, 2003 November 26, 2003
Backdoor.Asoxy November 26, 2003 November 26, 2003
W32.Randex.AX November 25, 2003 November 26, 2003
Backdoor.Spotcom November 25, 2003 November 25, 2003
Backdoor.Sysbug
BackDoor-CAG [McAfee], Troj/Sysbug-A [Sophos] November 25, 2003 November 25, 2003
W32.Azha.Worm November 24, 2003 November 25, 2003
W32.Randex.AW
Backdoor.SdBot.gen [Kaspersky], W32/Sdbot.worm.gen [McAfee] November 24, 2003 November 25, 2003
W32.HLLW.Bandie November 24, 2003 November 25, 2003
W32.Widare
Bloodhound.W32.2 November 23, 2003 November 24, 2003
Backdoor.Ciadoor.B
Backdoor.Ciadoor.12.b [Kaspersky], Backdoor-ASB [McAfee] November 23, 2003 November 24, 2003
W32.Notime November 22, 2003 November 24, 2003
W32.HLLW.Gaobot.DJ
W32.HLLW.Gaobot.gen November 21, 2003 November 24, 2003
W32.Randex.AT
Backdoor.SdBot.gen [KAV] November 21, 2003 November 21, 2003
Backdoor.Tinydog November 20, 2003 November 21, 2003
W32.Bolgi.Worm November 20, 2003 November 21, 2003
W32.HLLW.Taplak
W32.Klap, W32.HLLW.Taplak November 20, 2003 November 20, 2003
PWSteal.Banpaes.B November 20, 2003 November 20, 2003
W32.Randex.AR November 19, 2003 November 20, 2003
W32.HLLW.Anarch@mm November 19, 2003 November 20, 2003